Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2016.2337
Cisco Nexus 7000 and 7700 Series Switches Overlay Transport
Virtualization Buffer Overflow Vulnerability
6 October 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Nexus 7000 and 7700 Series Switches
Publisher: Cisco Systems
Operating System: Cisco
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2016-1453
Original Bulletin:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability
Advisory ID: cisco-sa-20161005-otv
Revision 1.0
For Public Release 2016 October 5 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
A vulnerability in the Overlay Transport Virtualization (OTV) Generic Router Encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code.
The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the OTV related process on the affected device.
Cisco has released software updates that address this vulnerability. A workaround to mitigate this vulnerability is available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
iQIVAwUBV/Jmd689gD3EAJB5AQJKfxAAgQHHRNd10fAZT/Nv9Nd3OarYWZjt9QnE
c3Q5KPGZ8yBsoBDp9vGNq3Zu1XRLz9TZJk/2hqs3AOGLsONeyJ+wcce01/zYwdxv
wjgXc/qs/fT4uDFSjguCq4alBDJoxA+MCDH9ZYJ1XdykCVoZprcJQFbiRuSkKJJB
0pS1RsmiJ1KXbOpG7oCU/7ptb6gVAMVieTZW530Feu/WXssLA4I8wprNfhdMzW5Q
15KqH+pOZSr831rjBQahnudBB1u5smw/fWWgtRZxo6x3OSbS2drqGaRbNg6qPtl7
m8zdl2Rd++FYEwKm61Xwm7t8x2m2Yh/aHRRGL5bTcit1xFETiadL73hiD2wFoYdR
XEIFnYn+7tkIOhq2cS89O+00CYipFTwBBsMpibURVP56nY3xUaiv4AL72bxed0ys
afJ1ZctMSLOQRrcjbmzRWFyCjZEjg03SrPOCsCmQRRkl0MPeGCJ/e7gkhE7aYN+B
E1dsASbbLHyH0zwkOGMxoDiPHf1UPiSpXN9JpdAZlk6iF5sD4POXhmAtYgyyQIDt
6mZn6hW7HH38hTErrze1rN1IIQiO/qDjowkQuSi5G3SsT3uAGn4Rtz6oZTHzLuYq
LT/vX3BK/0WbKII0Zz/Vw4QY1vhx32rgdGzez0H/OKMKMICsi8IvuqXGeOZZC++B
CoZE5dSl+VI=
=P29o
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIUAwUBV/WtE4x+lLeg9Ub1AQhyUA/3TFzPxbbDJ2kL8EW9cxewJhspTFMqIHkc
APs2yxuBt+MqUsEKFJwAgTSR66IgTLvtkR/0Eggq4gCm2lfi+csiM2l6f4DBnoRJ
4lsgJMXR16jgjNQgevUFcz7Ah3ONXcLksv98/QQmSdlbEiNP20Mf8hUFlLNPme+9
X2+ZHlo8uXi27noHkq1ihMVZT1XYTN9zP+gbotw+pkIccxQ68oBJj9vl0m8cvSfy
IDNYTbfLwG4ECbSL/j12WBYamrDeeEizr/nsHKRab+e10lxR8/RH3TmqYNnhVqqZ
Y88DxOjjLE3+mgKx/TunbDvHF/X7aF/0tO/OIeZojYLqayIJCkHoEvJwBpR9LtiI
5fwBSMUjfw5Or//xMHzHzIMH87nazd3l70uBRN+OkS/8LFh63O5n8ASNLrX5IZng
9eJsk+Nv7B2JRHWChBcfSHT2I9b5K1GFigfv62pjpYTNPI3jZ9uYPVAbEvI4GYVk
L4Gea2BDoTGKIs1KbXeIt3VNIS/dzCCn2FmNzYvcqWX/1z36kxI0eFXzZZndhyMd
MzIpO0PWCY92547lBfQISg9J5FZH+DMlvRQnCP3OvlRAO9wWbw8u+8c4h4WEbcFF
uqFZs8e8jMldnDRWc0Fk5Zo6b/sE2KwfH4gwlU8lfYpj+bOlEFPYS1zGZzRvGYgC
R/7HeUQbIw==
=eqqM
-----END PGP SIGNATURE-----